targets


Lebanese #Hackers that #Spied on #Targets from 21 #Countries #Exposed

Source: National Cyber Security – Produced By Gregory Evans

Lebanon's intelligence agency has seemingly been caught carrying out espionage operations against numerous people, including military personnel and journalists, across at least twenty countries, say researchers from the Electronic Frontier Foundation and the mobile security firm Lookout.

A prominent hacking operation associated with one of the most robust intelligence and security agencies inside Lebanon is now publicly known after unskilled spies left several hundred gigabytes of stolen data openly accessible on the Web, states a report released January 18.


The post Lebanese #Hackers that #Spied on #Targets from 21 #Countries #Exposed appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Iranian #Hackers Have Set Up a #News Outlet to #Court Possible #Targets, #Security Firm Says

An Iranian cyber espionage group known as Charming Kitten is believed to be behind a campaign targeting academic researchers, human rights activists, media outlets and political advisors focusing on Iran, according to a report published earlier this week by Israel-based threat intelligence company ClearSky Cyber Security. The group has also set up a news outlet […]

View full post on AmIHackerProof.com | Can You Be Hacked?

Software developers are easy targets for hackers study finds


Netsparker Ltd., a company in the web applications security industry, has released survey results showing that most software developers make themselves easy targets for hackers, even when they are behind a corporate firewall. The primary reason is not that their web server software is out of date, however. Instead, it…


These Are the Known Targets in the Petya Ransomware Attack So Far


A global ransomware attack on Tuesday hit computers at Russia’s biggest oil company, Ukraine’s international airport, global shipping firm A.P. Moller-Maersk, and the world’s biggest advertising agency WPP. Following is a list of companies and organizations that have reported being hit by cyber attacks: ROSNEFT Russia’s top oil producer Rosneft…


Smart Fridges, Ovens Make For Easy Hacking Targets


There was a massive 54% increase in the number of records stolen by cyber criminals across the globe in 2016, and the expanding adoption of connected devices is increasing the danger of hacking, Wipro Ltd said in its State of Cybersecurity Report. The report found that the emergence of smart…


Hackers have developed a WannaCry copycat that targets Android smartphones

Security experts are warning about a new form of ransomware that is being used to target Android smartphones. The ransomware, dubbed WannaLocker, was discovered by Avast, and has been targeting Android users in China. The creators of the ransomware are said to have taken inspiration from […]

Woman targets elderly for check fraud, identity theft


Pierce County Sheriff’s Detectives are asking for the public’s help to identify a woman using a stolen identity belonging to an 86-year-old woman suffering from dementia. “In this particular case, somebody in the family recognized what was going on, which is a good thing, especially if you have parents that…


Iran-linked hackers used Microsoft Word flaw against Israeli targets, security firm says


Hackers allegedly linked to the Iranian government launched a digital espionage operation this month against more than 250 different Israel-based targets by using a recently disclosed and widely exploited Microsoft Word vulnerability, cybersecurity experts tell CyberScoop.

The hacking group, dubbed OilRig by security researchers and believed to be tied to Iranian intelligence services, utilized a software flaw in Word officially known as CVE-2017-0199 that allows attackers to execute a remote computer intrusion to take full control of a target device while leaving little or no trace, said Michael Gorelik, vice president of Israeli security firm Morphisec.

Over the last month, Morphisec has investigated the incident on behalf of multiple victims. Clients showed forensic evidence on their respective networks that could be linked back to OilRig. After its disclosure in March, CVE-2017-0199 was quickly exploited by nation-states and cybercriminals alike.

John Hultquist, Director of Cyber Espionage Analysis at iSIGHT Partners, confirmed Morphisec’s findings.

“We have recently seen these actors and [other] cyber espionage actors targeting Asia adopt CVE-2017-0199. The vulnerability was a proliferation issue before it was patched, and remains one now,” said Hultquist.

OilRig has been around since at least 2015, according to numerous security industry experts who have watched the group target Israeli networks repeatedly and with varying tactics.

To exploit the Microsoft Word vulnerability, a target must open or preview an infected Microsoft Office or WordPad file, which OilRig sent out in large numbers to hundreds of Israeli-based targets, including government agencies and officials. When opened, the attachment designed by OilRig would download the Hanictor trojan, a variant of fileless malware capable of bypassing most security and anti-virus protections.

CVE-2017-0199 was patched earlier this month by Microsoft after an extraordinary nine-month delay from when it was initially communicated to the company privately. Getting the vast ecosystem of Microsoft users to patch machines is a slow and unreliable process, however, so many often remain vulnerable after a patch is published.

Point of initial contact

“The OilRig campaign is a multi-stage kill chain meant to burrow into Israeli critical defense infrastructure,” said Tom Kellermann, CEO of D.C.-based venture capital firm Strategic Cyber Ventures. Kellermann is a major investor in TrapX, another cybersecurity firm that also detected and helped clients defend against the Iranian cyberattack.

The Iranian operation is believed to have started with a series of phishing emails sent to Ben Gurion University employees, although it quickly expanded to include various Israeli technology and medical companies. Ben Gurion University is home to Israel’s Cyber Security Research Center, a scientific institute that develops sophisticated cyber capabilities.

Gorelik said an investigation is ongoing to better understand the full scope of damage caused by the hackers. His firm, Morphisec, posted technical analysis of the attack on Thursday morning.

Investigators were able to identify a series of command and control servers activated by the hackers on April 16, which were subsequently used to launch the offensive cyber operation, according to a notification published Wednesday by Israel’s Computer Emergency Response Team. The first round of phishing emails was sent on April 19 and the last came on April 24. The malware-laden emails carried subject lines relating to nonexistent “resumes, exams and holiday plans,” said Gorelik.

Exploiting CVE-2017-0199 enables an attacker to download and execute a Visual Basic script containing PowerShell commands whenever a vulnerable user opens a document containing an embedded exploit, according to American cybersecurity firm FireEye. Malware payloads executed after the exploit can come from all manner of malware families.

FireEye previously found that various hackers — including both governments and cybercriminals — were using the same CVE-2017-0199 vulnerability to breach a wide array of different victims.

On April 11, researchers at FireEye described an attack exploiting CVE-2017-0199 this way:

1. A threat actor emails a Microsoft Word document to a targeted user with an embedded OLE2 embedded link object
2. When the user opens the document, winword.exe issues a HTTP request to a remote server to retrieve a malicious HTA file
3. The file returned by the server is a fake RTF file with an embedded malicious script
4. Winword.exe looks up the file handler for application/hta through a COM object, which causes the Microsoft HTA application (mshta.exe) to load and execute the malicious script

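The network side of the sequence FireEye describes leaves a trace a web proxy can see: a response labelled application/hta going to an Office client, often for a URL or body that looks like a document. The detector below is an added example, not code from the article, FireEye or Morphisec; the log format, field names, hosts and user-agent tokens are assumptions constructed for illustration.

```python
import json
from urllib.parse import urlparse

# Constructed proxy-log records (JSON lines). Hosts, field names and
# user-agent strings are made up for this example.
SAMPLE_LOG = r"""
{"src":"10.0.0.21","ua":"Mozilla/4.0 (compatible; ms-office; MSOffice 16)","url":"http://files.example.test/cv/resume.doc","ctype":"application/hta","body_prefix":"{\\rtf1\\ansi"}
{"src":"10.0.0.22","ua":"Mozilla/4.0 (compatible; ms-office; MSOffice 16)","url":"http://intranet.example.test/plan.docx","ctype":"application/vnd.openxmlformats-officedocument.wordprocessingml.document","body_prefix":"PK"}
{"src":"10.0.0.23","ua":"Mozilla/5.0 (Windows NT 10.0) Firefox/52.0","url":"http://intranet.example.test/tools/setup.hta","ctype":"application/hta","body_prefix":"<html>"}
{"src":"10.0.0.24","ua":"Microsoft Office Word 2013","url":"http://cdn.example.test/update","ctype":"Application/HTA; charset=utf-8","body_prefix":"<script>"}
"""

DOC_EXTS = (".doc", ".docx", ".rtf")
# Assumption: substrings that identify Office clients in your own proxy logs.
OFFICE_UA_TOKENS = ("ms-office", "microsoft office")

def reasons_for(rec):
    """Return the list of indicators one record matches (empty if benign)."""
    ctype = rec.get("ctype", "").split(";")[0].strip().lower()
    if ctype != "application/hta":
        return []
    reasons = ["response served as application/hta"]
    ua = rec.get("ua", "").lower()
    if any(tok in ua for tok in OFFICE_UA_TOKENS):
        reasons.append("fetched by an Office client")
    if urlparse(rec.get("url", "")).path.lower().endswith(DOC_EXTS):
        reasons.append("URL path looks like a document")
    if rec.get("body_prefix", "").startswith("{\\rtf"):
        reasons.append("body starts with an RTF header")
    return reasons

def find_suspects(log_text):
    """Flag records where application/hta coincides with another indicator."""
    hits = []
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank or malformed lines
        reasons = reasons_for(rec)
        if len(reasons) >= 2:  # an .hta fetched by a browser alone is not flagged
            hits.append((rec.get("src"), rec.get("url"), reasons))
    return hits

if __name__ == "__main__":
    for src, url, reasons in find_suspects(SAMPLE_LOG):
        print(src, url, "; ".join(reasons))
```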
“This kind of vulnerability is very rare,” Gorelik said. “There has been progress from this group. This is one of the more advanced fileless campaigns I’ve seen. It was a targeted, large campaign using quite a big infrastructure. It’s fileless, so it’s very hard to detect. They regenerated signatures on the endpoint each and every time for the trojan so it’s very hard to remediate, identify or remove it.”

He added, “this Iranian group is quite advanced I would say.”

The Iran-backed espionage campaign was first revealed in broad terms Wednesday through a vague press announcement issued by the Prime Minister’s Office, claiming that Israel’s newly formed Cyber Defense Authority helped to thwart the attack.

The attacks were “relatively well planned and took considerable resources. It is obvious that there was intelligence gathering prior to the attack and a careful selection of targets — in this case Israeli computing companies,” said Boaz Dolev, CEO of the Israeli security firm ClearSky in an interview with the Israeli newspaper Haaretz.


How Smartphones Are Becoming Hacking Targets


In the wake of last month’s “Gooligan” attacks, which targeted more than a million Android devices and gained access to the users’ Google accounts, experts are suggesting that a flood of similar smartphone hacking incidents may be on the way.


Dell Security targets small organizations with AI product launch

Dell has launched a new AI-based security solution, Threat Defence, which has been designed specifically for smaller organizations with limited or no IT resource. The new offering utilizes machine learning and AI technologies to prevent threats from entering an organization’s perimeter, as opposed to simply detecting them once inside. Dell claims the new offering stops […]